<?php

session_start();
require 'connection.php';

$app = new \Slim\Slim();
$app->get('/operator/find_all/:type/:page', authorize('admin'), 'findAll');
$app->get('/operator/find/:type', authorize('admin'), 'find');
$app->get('/operator/search/:search', authorize('admin'), 'search');
$app->get('/operator/search_name/:type/:search', authorize('admin'), 'search_name');
$app->get('/operator/search_code/:type/:search', authorize('admin'), 'search_code');
$app->get('/operator/:id', authorize('admin'), 'read');
$app->post('/operator', authorize('admin'), 'add');
$app->put('/operator/:id', authorize('admin'), 'edit');
$app->delete('/operator/:id', authorize('admin'), 'delete');

$app->run();

function find($type) {
    $sql_list = "SELECT id, name, code, address, type FROM operators WHERE type = " . $type ;
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_list);
        $stmt->execute();
        $rst_find = $stmt->fetchAll(PDO::FETCH_OBJ);
        $db = null;
        echo json_encode($rst_find);
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
        return;
    }
}

function findAll($type, $page) {
    $page = ($page - 1) * 10;
    $sql_list = "SELECT id, name, code, address, type FROM operators WHERE type = " . $type . " LIMIT " . $page . ", 10";
    $sql_count = "SELECT count(id) FROM operators WHERE type = " . $type;
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_list);
        $stmt->execute();
        $rst_find = $stmt->fetchAll(PDO::FETCH_OBJ);
        $result = $db->prepare($sql_count);
        $result->execute();
        $rst_count = $result->fetchColumn();
        $db = null;
        echo '{"result":' . json_encode($rst_find) . ', "count" :' . $rst_count . ' }';
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
        return;
    }
}

function search($search) {
    //$sql_list = "SELECT id, name, code, address, type FROM operators WHERE name LIKE '%" . $search . "%' ";
    //$sql_list = "SELECT id, name, code, address, type FROM operators WHERE MATCH (name,code) AGAINST ('" . $search . "');";
    $sql_list = "SELECT id, name, code, address, type FROM operators WHERE name like '%" . $search . "%';";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_list);
        $stmt->execute();
        $rst_find = $stmt->fetchAll(PDO::FETCH_OBJ);
        $db = null;
        echo '{"result":' . json_encode($rst_find) . ' , "count" :0}';
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
        return;
    }
}

function search_name($type, $search) {
    //$sql_list = "SELECT id, name, code, address, type FROM operators WHERE name LIKE '%" . $search . "%' ";
    //$sql_list = "SELECT id, name, code, address, type FROM operators WHERE MATCH (name,code) AGAINST ('" . $search . "');";
    $sql_list = "SELECT id, name, code, address, type FROM operators WHERE type = " . $type . " AND name LIKE '%" . $search . "%';";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_list);
        $stmt->execute();
        $rst_find = $stmt->fetchAll(PDO::FETCH_OBJ);
        $db = null;
        echo '{"result":' . json_encode($rst_find) . ' , "count" :0}';
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
        return;
    }
}

function search_code($type, $search) {
    //$sql_list = "SELECT id, name, code, address, type FROM operators WHERE name LIKE '%" . $search . "%' ";
    //$sql_list = "SELECT id, name, code, address, type FROM operators WHERE MATCH (name,code) AGAINST ('" . $search . "');";
    $sql_list = "SELECT id, name, code, address, type FROM operators WHERE type = " . $type . " AND code like '%" . $search . "%';";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_list);
        $stmt->execute();
        $rst_find = $stmt->fetchAll(PDO::FETCH_OBJ);

        $db = null;
        echo '{"result":' . json_encode($rst_find) . ' , "count" :0}';
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
        return;
    }
}

function read($id) {
    $sql_read = "SELECT id, name, code, address, type FROM operators WHERE id = :id";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_read);
        $stmt->bindParam("id", $id);
        $stmt->execute();
        $rst = $stmt->fetchObject();
        $db = null;
        echo json_encode($rst);
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
    }
}

function add() {
    $sql_add = "INSERT INTO operators(name, code, address, type, fono1, fono2, contact, email, pagweb, description) 
        VALUES (:name, :code, :address, :type, :fono1, :fono2, :contact, :email, :pagweb, :description)";
    $request = \Slim\Slim::getInstance()->request();
    $param = json_decode($request->getBody());
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_add);
        $stmt->bindParam("name", $param->name);
        $stmt->bindParam("code", $param->code);
        $stmt->bindParam("address", $param->address);
        $stmt->bindParam("type", $param->type);
        $stmt->bindParam("fono1", $param->fono1);
        $stmt->bindParam("fono2", $param->fono2);
        $stmt->bindParam("contact", $param->contact);
        $stmt->bindParam("email", $param->email);
        $stmt->bindParam("pagweb", $param->pagweb);
        $stmt->bindParam("description", $param->description);

        $stmt->execute();
        $id = $db->lastInsertId();
        $db = null;
        echo json_encode($id);
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
    }
}

function edit($id) {
    $sql_edit = "UPDATE operators SET 
        name=:name, code=:code, address=:address, type=:type 
        fono1=:fono1, fono2=:fono2, contact=:contact, email=:email, pagweb=:pagweb, description=:description
        WHERE id=:id";
    $request = \Slim\Slim::getInstance()->request();
    $body = $request->getBody();
    $param = json_decode($body);
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_edit);
        $stmt->bindParam("id", $id);
        $stmt->bindParam("name", $param->name);
        $stmt->bindParam("code", $param->code);
        $stmt->bindParam("address", $param->address);
        $stmt->bindParam("type", $param->type);
        $stmt->bindParam("fono1", $param->fono1);
        $stmt->bindParam("fono2", $param->fono2);
        $stmt->bindParam("contact", $param->contact);
        $stmt->bindParam("email", $param->email);
        $stmt->bindParam("pagweb", $param->pagweb);
        $stmt->bindParam("description", $param->description);
        $stmt->execute();
        $db = null;
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
    }
}

function delete($id) {
    $sql_delete = "DELETE FROM operators WHERE id=:id";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_delete);
        $stmt->bindParam("id", $id);
        $stmt->execute();
        $db = null;
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
    }
}

?>